Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication bypass on web interface
Vulnerability Description
The authentication mechanism on web interface is not properly implemented. It is possible to bypass authentication checks by crafting a post request with new settings since there is no session token or authentication in place. This would allow an attacker for instance to point the device to an arbitrary address for domain name resolution to e.g. facililitate a man-in-the-middle (MitM) attack.
CVSS Information
N/A
Vulnerability Type
使用欺骗进行的认证绕过
Vulnerability Title
Growatt ShineLan-X 安全漏洞
Vulnerability Description
Growatt ShineLan-X是中国古瑞瓦特(Growatt)公司的一款光伏逆变器的数据记录器。 Growatt ShineLan-X存在安全漏洞,该漏洞源于Web界面认证机制实现不当,可能导致绕过认证检查并执行中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A